Five U.S. states will enact new privacy laws in 2023 which may have a significant impact on companies which operate in each respective state. California will be amending an existing law, while Colorado, Connecticut, Utah and Virginia will be introducing
Latest from Data Security & Privacy
Austrian Data Protection Authority Finds Website Use of Google Analytics Violates GDPR
On December 22, 2021, the Austrian Data Protection Authority (DSB) found that medical news company, NetDoktor, violated Europe’s General Data Protection Regulation (GDPR) by using Google LLC’s popular data analytics platform, Google Analytics (GA), on its website, which resulted in
Data Privacy and Security Concerns With Rise of Online Betting, Gaming
As of January 8, 2022, New York State joined the ranks of more than a dozen states that have legalized online and mobile sports betting since the U.S. Supreme Court’s 2018 decision in Murphy v. National Collegiate Athletic Association, which
Canada Proposes New Privacy Bill
On November 17, 2020, Canada’s Minister of Innovation, Science and Industry introduced the proposed Digital Charter Implementation Act (DCIA or “Act”), new legislation from the Liberal Party of Canada that could dramatically alter how the country regulates consumer data.[1]
Swiss-U.S. Privacy Shield Invalidated by Swiss Commissioner
The Schrems II decision, issued on July 16, 2020, continues to impact the ability of organizations to transfer personal data from the European Economic Area to the United States. The effects of the decision are now felt in Switzerland as
European Parliament Committee Discusses the Future of EEA-U.S. Data Flows
On September 3, 2020, the European Parliament Committee on Civil Liberties, Justice and Home Affairs (“LIBE Committee”) held a meeting to discuss the Schrems II decision and the future of personal data transfers between the European Economic Area (EEA) and
EDPB Establishes and Appoints Task Forces to Prepare Recommendations and Review Complaints Following the Schrems II Decision
On September 4, 2020, the European Data Protection Board (EDPB) announced that it had created two task forces following the Schrems II decision.[1] The first task force will prepare recommendations to support controllers and processors regarding their duties in
EDPB Issues Draft of GDPR Controller-Processor Guidelines
On September 7, 2020, the European Data Protection Board (EDPB) issued draft guidelines clarifying the concepts of “controller,” “joint controller,” “processor” and “third party” under the General Data Protection Regulation (GDPR). These concepts are important under the GDPR, as they
The Department of Commerce Continues Efforts to Address Cross-Border Data Transfers Under the GDPR After the Invalidation of the Privacy Shield
U.S. Department of Commerce and European Commission Release Joint Press Statement
On August 10, 2020, the U.S. Secretary of Commerce, Wilbur Ross, and the European Commissioner for Justice, Didier Reynders, released a Joint Press Statement (“Press Statement”) regarding the status
European High Court Invalidates Privacy Shield, but Upholds Standard Contractual Clauses for International Data Transfers Under the GDPR
The General Data Protection Regulation (GDPR), Europe’s restrictive data protection law, permits the transfer of personal data from the European Economic Area1 (EEA) to other countries only under limited circumstances. On July 16, 2020, the Court of Justice of